Toronto CISO Executive Summit

December 14, 2021 | Hilton Toronto

December 14, 2021
Hilton Toronto

REGISTER NOW

Collaborate with your peers

Get together with Toronto's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Accelerating security to match the pace of digital business initiatives

Managing the risk created from a landscape of new core technologies

Achieving sustainability for the CISO role without compromising outcomes

Toronto CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Zaki Abbas

Brookfield Asset Management
SVP, CISO

Michael Dundas

Manulife
Assistant Vice President of Cyber Protection

Adam Evans

Royal Bank of Canada
VP, Cyber Operations & CISO

Jason Hall

Scotiabank
VP Enterprise Security

Sandra Liepkalns

Choice Properties REIT
VP, Information Security

Ranjika Manamperi

Ontario Power Generation
Vice President Cybersecurity & CISO

Mike Melo

LifeLabs
CISO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Toronto CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


December 13, 2021

6:00pm - 8:30pm  Governing Body Welcome Reception

Governing Body Welcome Reception, Quiz Coconut Trivia

James Cutler headshot

James Cutler

Quizmaster

Quiz Coconut

Join your peers for this exclusive gathering preceding the Toronto CISO Executive Summit, with special guest, James Cutler from Quiz Coconut! Over various different rounds you will compete against your rival colleagues to see which team will win the ultimate plaudits and become the Toronto CISO Trivia Champion!

  • There will be varied general knowledge trivia!
  • Some holiday based brain-teasers!
  • A ’Name That Tune’ round!
  • Our signature interactive creative challenge!
  • No preparation needed. Just turn up with your brain cells!

This is not an exam - it’s fun trivia, silly in places and not too serious. Get in the holiday spirit with some variety trivia entertainment!

December 14, 2021 - morning

7:30am - 8:15am  Registration & Breakfast

8:15am - 9:00am  Keynote

The Evolving CISO Role

Ragulan Sinnarajah headshot

Ragulan Sinnarajah

VP, IT Shared Services & Head of Cyber Security

Sobeys

Adam Evans headshot

Adam Evans

VP, Cyber Operations & CISO

Royal Bank of Canada

Ranjika Manamperi headshot

Ranjika Manamperi

Vice President Cybersecurity & CISO

Ontario Power Generation

The professional journey of a CISO is a lot like the cyber threats they protect against – unique and often unpredictable. How can CISOs set themselves up for success as the role continues to change?

In this panel conversation CISOs will explore:

  • Lessons they’re learned that can guide security leaders
  • Strategies to elevate yourself within the business
  • What is next after being a CISO

9:00am - 9:15am  Break

9:15am - 10:00am  Breakout Session

The Art of Security Metrics

Abigail Carter-Langford headshot

Abigail Carter-Langford

Chief Privacy & Security Officer, Executive Vice President, Governance, Risk & Compliance

Canada Health Infoway

Vaughn Hazen headshot

Vaughn Hazen

CISO

CN

Kashif Parvaiz headshot

Kashif Parvaiz

Chief Information Security Officer (CISO), RSOC Program Director

University Health Network

What are the metrics that really measure success for a security program? What data tells the most compelling security story across the organization? Join this interactive discussion as a panel of security leaders leads Toronto CISOs through the latest thinking in this unique tactical and leadership challenge.

In this session, you will:

  • Learn the latest peer metrics for measuring and communicating risk
  • Fine-tune your skills using security metrics for persuasive messaging
  • Discuss tools to generate and gather meaningful metrics from your security program

9:15am - 10:00am  Breakout Session

Zero-Trust Security

Mike Riemer headshot

Mike Riemer

GVP, Office of the CTO

Ivanti

The post-Covid tech tsunami has highlighted security executives as an even more crucial leader in enabling the evolution of every organization. Similarly, this trend has foisted some enduring security challenges around identity, endpoints and ransomware as even more crucial to the business. The ability to navigate these challenges in partnership with the broader organization is critical.

Join this session to learn:

  • The latest landscape for Zero Trust and identity governance best practices and challenges
  • Strategic considerations for securing remote work
  • How enduring threats such as ransomware are impacting the modern enterprise

9:15am - 10:00am  Executive Boardroom

Cloud Computing & Security — More Than Lifting and Shifting

Rafi Wanounou headshot

Rafi Wanounou

Director, Systems Engineering

Fortinet

Mohsen Azari headshot

Mohsen Azari

Senior IT Security Manager

Walmart Canada

Aamir Bhaijiwala headshot

Aamir Bhaijiwala

Director Information Security

Chartwell Retirement Residences

One could say networking and security always follow the compute, but rapid adoption of multi-cloud and hybrid computing means networks are now more distributed than ever before with business value shifting to agility, innovation and software - leading to the rise of the software defined enterprise.
In this session, you will explore:

  • How to better balance risk management with business objectives and customer experiences
  • Practical strategies to secure cloud computing while delivering better outcomes and experiences
  • New and emerging technology trends

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

9:15am - 10:00am  Executive Boardroom

Security Technology Sprawl Tipping Point – How More Tools Can Increase Overall Risk

Craig Newell headshot

Craig Newell

Director, Cyber Security

Liquor Control Board of Ontario

Deepak Upadhyaya headshot

Deepak Upadhyaya

CISO, Partner - Digital Tech and Risk

Baker Tilly International

As organizations rush to cover gaps in an expanding attack surface, thanks to digital transformation and remote work, they are realizing that this strategy is creating an uncontrolled technology sprawl. Yet many organizations continue purchasing more tools than they can manage, actually increasing their overall risk while wasting limited program budget. How is your technology investment strategy helping you meet your security outcomes?

In this discussion, you will learn:

  • The state of “tools sprawl” and data showing its impact on security organizations
  • Insights and best practices to reduce complexity and increase tool efficacies
  • Maturing your security posture to drive desired outcomes

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

10:00am - 10:30am  Networking Break

10:30am - 11:15am  Breakout Session

Ransomware Readiness — An Interactive Workshop

Simon Brown headshot

Simon Brown

Director, Cybersecurity

Weston Foods Inc

Sandra Liepkalns headshot

Sandra Liepkalns

VP, Information Security

Choice Properties REIT

The risk of ransomware attacks is top-of-mind for all organizations today as threat actors become more sophisticated and their impact increasingly detrimental. In this interactive workshop, cybersecurity leaders will come together to share their latest strategies for addressing this persistent risk.

Join this benchmarking session to discuss:

  • Taking ransomware protection to the next level
  • Strategies to defend against bad actors
  • Challenges and best practices in managing major security events

10:30am - 11:15am  Executive Boardroom

Extending Zero Trust to SaaS

Glenn Chisholm headshot

Glenn Chisholm

Co-Founder, Chairman and Chief Product Officer

Obsidian

Davis Arora headshot

Davis Arora

Senior Director of Cyber Security

Honeywell

Blair Radbourne headshot

Blair Radbourne

Vice President, Cybersecurity & Technology Risk

OMERS

To bring SaaS into the scope of Zero Trust requires a comprehensive understanding of users, applications, and third-party integrations. Companies cannot rely on measures like SSO and MFA alone, as they only verify user identity and are vulnerable to token hijacking attacks. How can security leaders extend the concept "never trust, always verify" beyond the identity provider to cover their SaaS crown jewels like Microsoft 365, Google Workspace, Workday, Salesforce and ServiceNow?

Join this roundtable to:

  • Benchmark with your peers regarding Zero Trust and SaaS security strategy
  • Discuss the critical elements of a complete SaaS security stack
  • Develop action items for protecting business-critical SaaS applications

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

10:30am - 11:15am  Executive Boardroom

Vulnerability Risk Management for The Modern Era

Michael Roytman headshot

Michael Roytman

Principal Engineer

Cisco Systems

Vivek Khindria headshot

Vivek Khindria

Vice President Security and Risk

Loblaws

Twane Boettinger headshot

Twane Boettinger

Director, Information Security and IT Risk Governance (CISO)

First Canadian Title

Vulnerabilities can be found anywhere in an organization. Having a risk-based and prioritized approach to managing and mitigating those vulnerabilities is critical to maintain a strong security posture.

Join this session to discuss:

  • Which vulnerabilities are the riskiest
  • Strategies to identify vulnerabilities before they’re exploited
  • How to use ML to make informed decisions on risk

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Nick.Hall@Evanta.com

10:30am - 11:15am  Executive Boardroom

Supercharge and De-Risk Your Public Cloud

Sandy Bird headshot

Sandy Bird

Co-founder & CTO

Sonrai Security

Steve Ferrigni headshot

Steve Ferrigni

Executive Director, Cyber Security, IT Risk Management and Enterprise Architecture

Workplace Safety & Insurance Board

Eran Frank headshot

Eran Frank

Director, Information Security

Cadillac Fairview

The public cloud has delivered strong business benefits while rendering old-world security and governance models obsolete. However, a new approach to governance and security that is fully automated and built for the modern world can deliver far superior results.

Join this interactive session to discuss:

  • Security implications of digital disruption
  • Real-world steps to reinvent security for both security and DevOps teams
  • Why identity and data governance is central to new security strategy

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

11:15am - 11:25am  Break

December 14, 2021 - mid-afternoon

11:25am - 12:40pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:45am - 1:30pm  Lunch Service

12:40pm - 1:00pm  Break

1:00pm - 1:35pm  Keynote

Interactive Discussion — Acceptable Risk

Ben Sapiro headshot

Ben Sapiro

Vice President, Technology Risk & CISO

Canada Life

Every individual, company and society is willing to take risk. In everything we do there is risk, we use risk as leverage (in the financial sense) to achieve some benefit at lower cost. Figuring out where that bright red line of too much risk is not easy - our job is to help our organizations figure out what that acceptable risk is. In this interactive keynote discussion, Ben Sapiro invites Toronto-area security leaders on a journey to articulate their risk appetite and understand how it compares to their peers.

In this keynote, you will:

  • Frame the idea of acceptable risk
  • Discover what your peers are willing to do – or not do – against differing levels of risk
  • Fine-tune how to discuss acceptable risk with stakeholders

1:35pm - 1:50pm  Break

December 14, 2021 - afternoon

1:50pm - 2:35pm  Breakout Session

Mitigating New Third Party Risks

Michael Balenzano headshot

Michael Balenzano

Manager, Network Services

Lactalis Canada

Omar Al-Assaf headshot

Omar Al-Assaf

Bank Information Security Officer

American Express

Many third-party risks are identified after initial onboarding and due diligence, suggesting traditional methods in risk management policy fail to capture new and evolving vulnerabilities. As these external partnerships become increasingly complex, the need for a new approach is clear.

In this benchmarking session, uncover answers to your pressing questions, including:

  • What strategies are most effective when assessing vendor risk?
  • How do you ensure vendors are complying with evolving privacy regulations?
  • How do you convey vendor risks to senior leadership and to your board?

1:50pm - 2:35pm  Executive Boardroom

What Matters Most for Your Security Operations

David Merkel headshot

David Merkel

CEO and Co-Founder

Expel

Brent Thomas headshot

Brent Thomas

AVP, Cyber Security Delivery

Canadian Tire Corporation

Tom Verhoog headshot

Tom Verhoog

Global Information Security Manager

Celestica

Since cybercriminals never rest, a sound SOC - staffed by the right people using the right tools in the right way - should be a key part of your cyber defense strategy. Whether your security operations program is completely in-house, outsourced, or operating in a hybrid model you’ll want to measure its effectiveness. How do you think about measuring efficacy and how do these metrics feedback into your program to increase operational maturity over time?

In this session you will discuss:

  • Volume and trend metrics that speak to effectiveness; what does good look like?
  • How does automation come into play and how do you monitor what the robots are doing?
  • What impact does this have on hiring and ongoing job satisfaction?

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

1:50pm - 2:35pm  Executive Boardroom

Next Gen Innovation Offense — Uniting DevSecOps

Ghaith Chukfeh headshot

Ghaith Chukfeh

Vice President Security and Privacy

Klick Health

Assaf Afek-Levy headshot

Assaf Afek-Levy

Sr. Director, Information Security

Altus Group

Maury Cupitt headshot

Maury Cupitt

VP, Solutions Architecture

Sonatype

This is NOT your typical security conversation. We won’t be talking about how to play better "perimeter defense" at the end of your software supply chain. Instead, we will be talking about how to play better digital “innovation offense” as next-generation software supply chain attacks become more sinister with bad actors actively injecting malicious code into open source projects that feed the global software supply chain.

Join us to discuss:

  • The prevalence of software supply chain attacks with real-world examples such as dependency confusion and how to continuously identify and remediate open source risk, without slowing down innovation
  • Ways to integrate security guardrails directly within your DevOps pipeline
  • The importance of uniting developers, security, and operations on the same team

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

1:50pm - 2:35pm  Executive Boardroom

The State of Cybersecurity

Priya Sirwani headshot

Priya Sirwani

Global CISO

Fiera Capital

Alpha Chan headshot

Alpha Chan

Cyber Security Lead

Toronto Police Service

Victor Tavares headshot

Victor Tavares

Canadian Director of Systems Engineers

Palo Alto Networks

Information security is in a sprint to match the velocity of digital transformation at organizations. Driven by a number of factors such as remote work, transitions to cloud services and bring-your-own device, CISOs face the puzzle of implementing security without slowing down the business. With the scourge of ransomware and other threats only increasing, it is no easy balance.

In this session, you will discuss:

  • Common friction points between IT and security for enabling remote work and digital transformation
  • Ways to efficiently deploy security controls without slowing down work
  • How to seamlessly manage specific threats such as ransomware

2:35pm - 3:05pm  Networking Break

3:05pm - 3:40pm  Keynote

Cyber Risk Management — A Conversation

Rachel Guinto headshot

Rachel Guinto

AVP Global Information Risk Management

Manulife

Greg Thompson headshot

Greg Thompson

Vice President & Chief Information Security Officer

Manulife

With the expanding attack surface and increasing skill of cyber adversaries, fear and anxiety often drive decision making from the top-down. How do you change the conversation to focus on cyber risk rather than a fear-based approach? In this session Greg Thompson and Rachel Guinto discuss how risk management is viewed at Manulife.

Join this conversation and learn:

  • How to evolve cybersecurity into a mature risk discipline
  • Strategies to shift from KPIs to KRIs
  • Communication tactics to tell a compelling risk story to senior leaders

3:40pm - 4:10pm  Closing Reception & Prize Drawing

REGISTER

We look forward to seeing you at an upcoming in-person gathering


Evanta programs are uniquely positioned to succeed in the current landscape.

  • Our invitation-only gatherings are designed to be smaller in scale, providing a safe and comfortable environment.
  • All in-person programs are local and complimentary, with zero impact on your organization’s T&E.

To ensure the well-being of participants, partners, and associates, we will continue to monitor and adhere to government, venue, and health agency guidelines.

As a part of our commitment to create the safest possible environment, we are requiring all participants, partners, and associates to confirm adherence to our program participation requirements prior to arrival. Additional information and FAQs can be found here: Health and Safety Policy.

Location


Venue & Accommodation

Hilton Toronto
MORE INFORMATION

A block of rooms has been reserved at the Hilton Toronto at a reduced conference rate. Reservations should be made online or by calling 1-800-445-8667. Please mention EVAN21 to ensure the appropriate room rate.

Deadline to book using the discounted room rate of $199 CAD (plus tax) is December 11, 2021.

Your Community Partners


CISO Thought Leader
Key Partners
Program Partners

Toronto CISO Program Manager


For inquiries related to this event, please reach out to your dedicated program contact.

Nick Hall

Senior Program Manager

971-717-6666

nick.hall@evanta.com